The Hacker News — Cyber Security, Hacking, Technology News

The British authority has reportedly arrested a 20-years-old young man – potentially one of the member of a cyber criminal gang 'Turkish Crime Family' who threatened Apple last week to remotely wipe data from millions of iOS devices unless Apple pays a ransom of $75,000.

The UK's National Crime Agency (NCA) arrested a young man from London on Tuesday on suspicion of "Computer Misuse Act and extortion offences," who according to Motherboard, "may be connected to the ongoing attempted extortion of Apple by a group calling itself the Turkish Crime Family."

Last week, the hacking group claimed to have access to over 300 million iCloud accounts and threatened Apple to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards.

Motherboard broke the story after one of the members of Turkish Crime Family shared screenshots of emails between the hacking group and Apple's security team with the publication.

Shortly after the extortion news, Apple released a statement, saying that there have not been any breaches to its servers and databases; instead, the data in possession with hackers appears to be from previously compromised third-party services, such as LinkedIn.

The company also said it is working with law enforcement to identify the criminals.

"Apple is actively monitoring to prevent unauthorised access to user accounts and is working with law enforcement to identify the criminals involved," Apple said in the statement.
"To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication."

Although the NCA has not elaborated further about the arrest except that the man has been bailed pending further inquiries, another member of the same criminal gang confirmed Motherboard via an email that the arrested member hasn't been online after the alleged raid.

Moreover, the group claimed his friend who was at his house during the raid managed to film the incident, though Motherboard, who received a copy of it, has declined to post the video publicly at this time.

Arrest Doesn’t Mean Your iCloud Data is Safe

At this moment, we are not entirely sure that the arrested man is actually linked to the Turkish Crime Family, although the man is suspected of having committed blackmail and unauthorised access of computers with the intent to commit or facilitate the commission of further offences, according to the warrant Motherboard received in an email.

But if he comes out to be the member of the same hacking group, it doesn't mean that Apple extortion threat has gone completely, as other members of the hacking group are still out there with alleged compromised icloud accounts.

It's possible that remaining members of Turkish Crime Family, in panic, go underground without doing anything, but there's still the possibility of them remotely wiping victim's Apple devices and resetting iCloud accounts, if they actually have the capability to do what they claim.

The hacking group has given Apple a deadline until April 7 to pay up the ransom.

So, if you haven't done yet, change your iCloud passwords immediately and enable two-step authentication to add an extra layer of security to your account in order to keep your iCloud account safe from hackers.